If you were paying attention to the news in 2017, you probably heard all of the stories about hacks and breaches. Approximately 1 billion passwords were breached and leaked this year, which makes it the most fraudulent year on record.
A group of researchers from the University of California, Berkeley partnered with Google to take a look at this. They focused on analyzing SMB security risks and how these cybercriminals are obtaining, using, and profiting off of this information.
If you look at activity on the black market from 2016 to 2017 and the impact this activity had on Google accounts, you can easily see that there is a huge issue. During the 12 months that were reviewed, there were more than 788,000 credentials stolen through keyloggers, a shocking 12 million taken by phishing scams, and a whopping 1.9 billion from data breaches.
The scammers use phishing kits as a way to not only create, but also configure the tools they use to get a victim’s username and password. Most of these kits are specifically created to focus on Gmail. However, users with Yahoo webmail accounts were the largest groups of victims. In fact, at one point, Yahoo said that all of their users’ data was exposed to hackers.
The Most Popular Passwords Exposed During Data Breaches
How To Avoid Getting Hacked
To protect yourself from getting hacked, there are several things that you can do. First, don’t ever open any attachment or link that you are not expecting. This includes companies you use regularly or from people you know. Never, ever open any attachment from a bank, the IRS, a credit union, hospital, etc. Here are some other ways to prevent getting hacked:
- Install an extension to the browser you use that can detect websites that are malicious.
- Use security software and firewalls – and make sure to keep them updated.
- Back up your data often – ideally each day.
- Install anti-virus, anti-phishing, and anti-spyware software. Also, you should consider encrypting your main hard drive. You should also have security software on every device you use.
- Make sure all members of your household, or your business, know to NEVER click on any links in emails from a sender they don’t know.
- Set up administrative rights on all devices to prevent sketchy software installations.
- Create a test. Find a good guy who knows how to hack and ask them to try to get into your network. This way, you know how to protect yourself from the bad guys because you know how they can get in, too.
- Don’t use public Wi-Fi without a VPN.
- Your operating system and browser should always be updated with the newest versions.
With all of this in mind – should you worry? Should you simply refuse to give any of your personal information to a business? Of course not – that’s unrealistic. But when dealing with a business of any size, you need to keep these security tips in mind in order to reduce your risk of becoming another identity theft statistic. And while no one can make you completely immune from identity theft, signing up with an identity theft protection service can help you limit the damage that’s done if you ever do become a victim.